How are biometrics used in networks

The most obvious use of biometrics for network security is for secure workstation logons for a workstation connected to a network. Each workstation requires some software support for biometric identification of the user as well as, depending on the biometric being used, some hardware device. The cost of hardware devices is one thing that may lead to the widespread use of voice biometric security identification, especially among companies and organizations on a low budget. Hardware device such as computer mice with built in thumbprint readers would be the next step up. These devices would be more expensive to implement on several computers, as each machine would require its own hardware device. A biometric mouse, with the software to support it, is available from around $120 in the U.S. The advantage of voice recognition software is that it can be centralized, thus reducing the cost of implementation per machine. At top of the range a centralized voice biometric package can cost up to $50,000 but may be able to manage the secure log-on of up to 5000 machines.

The main use of Biometric network security will be to replace the current password system. Maintaining password security can be a major task for even a small organization. Passwords have to be changed every few months and people forget their password or lock themselves out of the system by incorrectly entering their password repeatedly. Very often people write their password down and keep it near their computer (on a post-it note attached to the underside of the keyboard is a frequently seen favourite). This is of course completely undermines any effort at network security. Biometrics can replace these. For example the city of Glendale in Los Angeles county California replaced its password system with fingerprint scanners that use biometrics. The cities employees had the usual password problems. The passwords had to be changed every 90 days and no dictionary words were allowed, only 8-digit alphanumeric strings. The vast majority of users failed to change their passwords and as a result got locked out of the system. The only way for them to get back in the system was a call to the IT helpdesk, which became swamped with calls. The help desk staff ended up spending a disproportionably large amount of time fixing problems with passwords. This is the hidden cost of using passwords, the helpdesk admin costs that always result when people get locked out of the system. The use of biometric identification stops this problem and while it may be expensive to set up at first, these devices save on administration and user assistance costs.

Glendale locks down PCs with Digital Persona biometrics

One way that biometrically verified logons would be implemented is using a centralized system (particularly using voice biometrics). Such a system would be ideal for implementing secure remote logons by mobile users. Remote network access enables tele working, which has been promised by the ‘e’ community for a long time, especially with the arrival of broadband access from the home. It is also important for field employees who travel all over for the company, yet need access to company resources. Biometric identification used along with a secure connection (a problem that is entirely separate to that of Biometrics) to the network makes this once vulnerable aspect of networking more secure.